| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <xv52m5xu5tgwpckkcvyjvefbvockmb7g7fvhlky5yjs2i2jhsp@dcuovgkys4eh> Date: Fri, 17 May 2024 04:55:03 -0700 From: Jonathan Calmels <jcalmels@...0.net> To: "Eric W. Biederman" <ebiederm@...ssion.com> Cc: brauner@...nel.org, Luis Chamberlain <mcgrof@...nel.org>, Kees Cook <keescook@...omium.org>, Joel Granados <j.granados@...sung.com>, Serge Hallyn <serge@...lyn.com>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, David Howells <dhowells@...hat.com>, Jarkko Sakkinen <jarkko@...nel.org>, containers@...ts.linux.dev, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-security-module@...r.kernel.org, keyrings@...r.kernel.org Subject: Re: [PATCH 1/3] capabilities: user namespace capabilities On Fri, May 17, 2024 at 06:32:46AM GMT, Eric W. Biederman wrote: > > Pointers please? > > That sentence sounds about 5 years out of date. The link referenced is from last year. Here are some others often cited by distributions: https://nvd.nist.gov/vuln/detail/CVE-2022-0185 https://nvd.nist.gov/vuln/detail/CVE-2022-1015 https://nvd.nist.gov/vuln/detail/CVE-2022-2078 https://nvd.nist.gov/vuln/detail/CVE-2022-24122 https://nvd.nist.gov/vuln/detail/CVE-2022-25636 Recent thread discussing this too: https://seclists.org/oss-sec/2024/q2/128
Powered by blists - more mailing lists